Before its initialization, also referred to as “pre-personalization”, a portable electronic entity cannot function, in particular for applications requiring a high level of security, for example for the authentication of its bearer, access to a pay service or a payment. For it to support this type of application, the initialization of a portable electronic entity concerns at least two main types of information: application data, including the code of the applications and the values of their variables, and security data, generally encryption keys. The data can furthermore concern printed data, such as logos and bar codes, which are placed on the surface of the portable electronic entity.
Complementing initialization, the aim of personalization of the portable electronic entities is for the organization that issues them to have available entities corresponding to its particular services and applications. It also aims for each portable electronic entity to contain data concerning its bearer (for example name, telephone number, account number and photograph, signature, data defining the services to which the bearer is entitled and limit amounts for those services) and where applicable here also security data such as encryption keys.
In the technical literature, the concepts of initialization and personalization are often lumped together under the common term “personalization”, which we opt to do here, although these steps can be separate and carried out by different service providers, for example, for security reasons, in particular in the field of bank cards.
Personalization is carried out by a personalization station that processes personalization data.
The portable electronic entity includes a rewritable non-volatile memory, for example an EEPROM (Electrically Erasable and Programmable Read Only Memory). Electrical personalization consists essentially in a step of initialization of that non-volatile memory, and thus of the portable electronic entity, and a step of storing in this memory data that varies from one portable electronic entity to another.